Re: [toaster] Stunnel v4 + pop3ds problem
I am back with my pop3ds problem. I have tested it on an other computer under debian etch. The same error appears. Does anybody has a pop3ds working under Debian etch with any version of stunnel ? 2007/5/2, laety Boop [EMAIL PROTECTED]: Hello Bill I enabled the stunnel debug in stunnel.conf but the log file stay empty !! I have try to restart stunnel but the init.d/stunnel4 does not seems to work well ... What do you mean by sim-link the pem file ? Thank you Laëtitia 2007/5/1, Bill Shupp [EMAIL PROTECTED] : laety Boop wrote: Hi Rick ! Thank you for your answer. I used the Bill's toaster pop3d.run.v4 as he told to do with stunnel v4. Does someone has any idea ? The problem is that stunnel is for some reason defaulting to /etc/stunnel/stunnel.pem, it's not honoring your cert entry in stunnel.conf. I don't know why that is, though. Your run and conf files look correct. Perhaps there's a debug or verbose argument to stunnel. You could also sym-link the pem file to see if that works as a test. Regards, Bill
Re: [toaster] Stunnel v4 + pop3ds problem
Hi again ! I am happy to tell that i have found how to fix this problem. If you use stunnel4 like i do, just change the path to stunnel in the pop3ds/run : #!/bin/sh VPOPMAILUID=`id -u vpopmail` VPOPMAILGID=`id -g vpopmail` exec /usr/local/bin/tcpserver -l 0 -R -H -v \ -u$VPOPMAILUID -g$VPOPMAILGID 0 995\ /usr/bin/stunnel4 /service/qmail-pop3ds/stunnel.conf 21 2007/5/4, laety Boop [EMAIL PROTECTED]: I am back with my pop3ds problem. I have tested it on an other computer under debian etch. The same error appears. Does anybody has a pop3ds working under Debian etch with any version of stunnel ? 2007/5/2, laety Boop [EMAIL PROTECTED]: Hello Bill I enabled the stunnel debug in stunnel.conf but the log file stay empty !! I have try to restart stunnel but the init.d/stunnel4 does not seems to work well ... What do you mean by sim-link the pem file ? Thank you Laëtitia 2007/5/1, Bill Shupp [EMAIL PROTECTED] : laety Boop wrote: Hi Rick ! Thank you for your answer. I used the Bill's toaster pop3d.run.v4 as he told to do with stunnel v4. Does someone has any idea ? The problem is that stunnel is for some reason defaulting to /etc/stunnel/stunnel.pem, it's not honoring your cert entry in stunnel.conf. I don't know why that is, though. Your run and conf files look correct. Perhaps there's a debug or verbose argument to stunnel. You could also sym-link the pem file to see if that works as a test. Regards, Bill
Re: [toaster] Stunnel v4 + pop3ds problem
Hello Bill I enabled the stunnel debug in stunnel.conf but the log file stay empty !! I have try to restart stunnel but the init.d/stunnel4 does not seems to work well ... What do you mean by sim-link the pem file ? Thank you Laëtitia 2007/5/1, Bill Shupp [EMAIL PROTECTED]: laety Boop wrote: Hi Rick ! Thank you for your answer. I used the Bill's toaster pop3d.run.v4 as he told to do with stunnel v4. Does someone has any idea ? The problem is that stunnel is for some reason defaulting to /etc/stunnel/stunnel.pem, it's not honoring your cert entry in stunnel.conf. I don't know why that is, though. Your run and conf files look correct. Perhaps there's a debug or verbose argument to stunnel. You could also sym-link the pem file to see if that works as a test. Regards, Bill
Re: [toaster] Stunnel v4 + pop3ds problem
laety Boop wrote: Hello everybody I got a problem with stunnel 4 and pop3ds (on Debian etch). But it works well with imap and smtp. openssl s_client -connect localhost:995 this command show : CONNECTED(0003) write:errno=104 Here is the qmail-pop3ds log : ok 18836 0:127.0.0.1:995 http://127.0.0.1:995 :127.0.0.1::44336 2007-05-01 03:39:14.575979500 2007.05.01 03:39:14 LOG3[18836:3083192000]: Error reading certificate file: /etc/stunnel/stunnel.pem 2007-05-01 03:39:14.576023500 2007.05.01 03:39:14 LOG3[18836:3083192000]: error stack: 140DC002 : error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib 2007-05-01 03:39:14.576044500 2007.05.01 03:39:14 LOG3[18836:3083192000]: error stack: 20074002 : error:20074002:BIO routines:FILE_CTRL:system lib 2007-05-01 03:39:14.576063500 2007.05.01 03:39:14 LOG3[18836:3083192000]: SSL_CTX_use_certificate_chain_file: 200100D: error:0200100D:system library:fopen:Permission denied and here is my pop3ds/run : #!/bin/sh VPOPMAILUID=`id -u vpopmail` VPOPMAILGID=`id -g vpopmail` exec /usr/local/bin/tcpserver -l 0 -R -H -v \ -u$VPOPMAILUID -g$VPOPMAILGID 0 995\ /usr/bin/stunnel /service/qmail-pop3ds/stunnel.conf 21 finally here is my qmail-pop3ds/stunnel.conf ( changed domain.com http://domain.com with mine but it does not change anything) cert = /var/qmail/control/servercert.pem exec = /var/qmail/bin/qmail-popup execargs = qmail-popup crecep.net http://crecep.net /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir Hi, I don't know if this is your problem but the config setup for stunnel V3 and V4 are completely different. You might be trying to use the V3 setup with V4 of stunnel. I believe the default toaster instructions are for V3 but there are instructions for V4 on the toaster site somewhere. /Sorry I don't use it and I'm watching the hockey playoffs and having a beer or I'd dig further. HTH, Rick
Re: [toaster] Stunnel v4 + pop3ds problem
Hi Rick ! Thank you for your answer. I used the Bill's toaster pop3d.run.v4 as he told to do with stunnel v4. Does someone has any idea ? 2007/5/1, Rick Macdougall [EMAIL PROTECTED]: laety Boop wrote: Hello everybody I got a problem with stunnel 4 and pop3ds (on Debian etch). But it works well with imap and smtp. openssl s_client -connect localhost:995 this command show : CONNECTED(0003) write:errno=104 Here is the qmail-pop3ds log : ok 18836 0:127.0.0.1:995 http://127.0.0.1:995 :127.0.0.1::44336 2007-05-01 03:39:14.575979500 2007.05.01 03:39:14 LOG3[18836:3083192000]: Error reading certificate file: /etc/stunnel/stunnel.pem 2007-05-01 03:39:14.576023500 2007.05.01 03:39:14 LOG3[18836:3083192000]: error stack: 140DC002 : error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib 2007-05-01 03:39:14.576044500 2007.05.01 03:39:14 LOG3[18836:3083192000]: error stack: 20074002 : error:20074002:BIO routines:FILE_CTRL:system lib 2007-05-01 03:39:14.576063500 2007.05.01 03:39:14 LOG3[18836:3083192000]: SSL_CTX_use_certificate_chain_file: 200100D: error:0200100D:system library:fopen:Permission denied and here is my pop3ds/run : #!/bin/sh VPOPMAILUID=`id -u vpopmail` VPOPMAILGID=`id -g vpopmail` exec /usr/local/bin/tcpserver -l 0 -R -H -v \ -u$VPOPMAILUID -g$VPOPMAILGID 0 995\ /usr/bin/stunnel /service/qmail-pop3ds/stunnel.conf 21 finally here is my qmail-pop3ds/stunnel.conf ( changed domain.com http://domain.com with mine but it does not change anything) cert = /var/qmail/control/servercert.pem exec = /var/qmail/bin/qmail-popup execargs = qmail-popup crecep.net http://crecep.net /home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir Hi, I don't know if this is your problem but the config setup for stunnel V3 and V4 are completely different. You might be trying to use the V3 setup with V4 of stunnel. I believe the default toaster instructions are for V3 but there are instructions for V4 on the toaster site somewhere. /Sorry I don't use it and I'm watching the hockey playoffs and having a beer or I'd dig further. HTH, Rick
Re: [toaster] Stunnel v4 + pop3ds problem
laety Boop wrote: Hi Rick ! Thank you for your answer. I used the Bill's toaster pop3d.run.v4 as he told to do with stunnel v4. Does someone has any idea ? The problem is that stunnel is for some reason defaulting to /etc/stunnel/stunnel.pem, it's not honoring your cert entry in stunnel.conf. I don't know why that is, though. Your run and conf files look correct. Perhaps there's a debug or verbose argument to stunnel. You could also sym-link the pem file to see if that works as a test. Regards, Bill